Seattle Children's Gains Complete Citrix VDI Visibility with ExtraHop

Wes Wright, CIO of Seattle Children's, describes how ExtraHop helped to find the "ghost in the machine" that was slowing down their Citrix VDI deployment. ExtraHop provides real-time ICA analysis as well as correlated visibility for the rest of the Citrix environment. Also speaking is Tim Holt, Senior Director of Enterprise Architecture.

The network doesn’t lie. That’s one reason companies are increasingly turning to their network to simplify and speed up common SOC workflows. Network Traffic Analytics (NTA) complements log data and endpoint instrumentation with an objective view of threat behavior on the network, and dramatically reduces the time to detect and respond to threats.

In this webinar, you will learn how your peers are using NTA technology based on a new market research from 451 Research, as well as ExtraHop’s approach to NTA that goes beyond just detecting threats to also include automated investigation and robust forensics capabilities.

The tourism industry is a highly competitive space; be it for airline operators, hotel booking sites, or travel fare aggregators. It is an industry that has been heavily digitised and in which a 2% profit is considered a good year. In this environment, IT teams in travel & tourism are constantly being asked to provide better, more secure digital experiences at less cost. The key to greater efficiency and performances is visibility into complex IT environments, where a single business transaction could involve 30 different hops across Citrix, Sabre applications, and third-party API calls.

In this webinar, we'll be looking at real-life examples of how IT teams can leverage enterprise-scale IT analytics backed by AI to:

Orchestration and automation theory has graduated to a concrete architecture for implementation. An action-driven architecture supports more proactive analysis and investigation for more effective detection, triage, investigation, and response.

The foundation of a successful security architecture in this model requires:
- Rich, trustworthy data covering all aspects of the environment
- Consolidated data sources and analytics processes
- Automated investigation and response capabilities
- Integration between tools and services for total coverage of every critical asset and data set.

In this webinar, we'll discuss how to build an action-oriented security architecture, key use cases, and critical success factors.

Matt Cauthorn, VP of Security at ExtraHop and Tyson Supasatit, PMM at ExtraHop

On March 21, the IETF approved the TLS 1.3 standard, which requires forward secrecy. This poses a problem for passive monitoring solutions because they will not be able to decrypt the traffic. In this webinar, you will learn about TLS 1.3's implications for enterprise performance and security monitoring, and how ExtraHop offers a novel method of decrypting traffic using ephemeral session keys without an inline deployment.

Every hospital room is a datacenter. By the year 2020, Internet-connected medical devices will outnumber people 2:1. There will be 13 devices per staffed bed, not just per room. And, an average of 89 vendors will access a hospitals network every week. These increasing trends will create unique challenges for healthcare institutions, such as:

-Increased complexity due to siloed departments
-Lack of visibility into east-west traffic
-Security around the increasing amount of medical devices

There’s a better way for hospitals to build a sustainable business model focused on lower costs and better outcomes. Cerner and ExtraHop can help IT health organizations prepare for this shift, by keeping their systems online and providing the quality care patients expect. ExtraHop and Cerner provide the ability to see, in real time and down to the transactional level, exactly what’s happening across your healthcare IT and clinical systems. This visibility isn’t just a nice to have, it is a must-have to keep your IT healthy.

If you have a data center or application migration on the horizon, you need to be aware of the pitfalls. Out-of-date CMDBs, reliance on tribal knowledge, lack of performance reporting, and other gotchas can lead to project overruns and application performance issues.

Thankfully, you can use data pulled from the network to discover assets, map dependencies, measure before-and-after baselines, and validate your project's success.

Register for this webinar to learn more about how to overcome the common challenges in your data center migration project.

Security operations need to balance a drive for greater efficiency with the need for agile and adaptive investigations. The security workflow paradigm of the last decade focused heavily on detection and alerting. Once a potential security problem is detected, the rest of the investigation and remediation process is essentially manual. Given the sheer volume of alerts and high ratio of false positives, this workflow is no longer sustainable. In this webinar, we'll discuss the parts of the current security paradigm that cause the most time waste, and introduce a new automated 3-in-1 workflow, enabled by ExtraHop Reveal(x), that can reduce wasted time and accelerate investigations for enterprise security teams:

You'll learn:

- Three top causes of time-waste in the SOC, and how to avoid them
- How to focus manual effort on tasks that matter, and automate the rest
- How the Reveal(x) 3-in-1 workflow meshes discovery, correlation, and investigation to reduce false positives and manual labor, and accelerate security investigations.

Many network operation teams struggle to address data friction issues by failing to leverage their network. Using a network as a real-time data source allows you to confidently maximize the value of IT data. Sign up to learn about an analytical approach to healthcare and how to leverage a network as a data source.

Ernie Hood, Senior Research Director with the Advisory Board and former Vice President and CIO at Group Health

Securing your healthcare organization goes beyond investing in technology to secure your devices, data, and applications. In today's complex digital healthcare environment, your healthcare workflows broaden your risk exposure by interacting with multiple apps, devices, and users spread across multiple geographies. Securing these interactions and all of the components within these workflows requires investing in a comprehensive cybersecurity ecosystem that is more focused on business objectives and less focused on securing individual applications and devices.

This webinar will discuss the pieces of a cybersecurity ecosystem model, and how this type of model requires policies, processes, and technologies that allow your healthcare organization to take a more proactive approach to risk management and security.

Network administrators and engineers function as “human middleware” for their monitoring tools, according to Shamus McGillicuddy, Senior Analyst at EMA Research. Skilled humans still need to do much of the heavy lifting in terms of analyzing data.

That’s the problem holding back many network operations teams from achieving greater productivity. But there’s hope! EMA recently bestowed its Innovator’s Award on ExtraHop’s Addy machine learning offering for its ability to remove much of the burden from human operators. Join this webinar to learn how machine learning can help under-resourced network teams do more with less.

Join us on November 8th, as ExtraHop, APCON, and Portland Community College (PCC) discuss the challenges PCC faced when trying to expand visibility and aggregate network traffic from multiple remote sites. The group will discuss how PCC was troubleshooting and managing their network in the past and how they’re now able to have visibility across multiple remote sites, access to instant dashboards, and the ability to go back in time to look at historical metrics -- all while staying within a tight budget.

Even the most advanced cybersecurity efforts are incomplete, as evidenced by the increasing number of major corporate data breaches that make headlines each year. Security professionals are forced to rely on SIEM platforms and other tools that, while valuable, are inherently limited and cannot be expected to deliver the complete results necessary for good security. Current efforts are barely keeping up with attackers. More tools, even better tools, are not the answer.

This webinar will discuss a new discipline for understanding the role each data source fulfills in the cybersecurity toolset, and how to take a strategic approach to extracting the most relevant, valuable insights from each data source for a more complete security posture that requires less manual effort to achieve.

Many teams throughout the enterprise—security, network, IT operations—lack the insights needed to make confident, data-driven decisions. People cannot access the data they need quickly, resulting in waste, slow response times, and expensive incidents.

With the announcement of version 7.0, ExtraHop provides real-time and empirical data all teams can benefit from through complete visibility, faster incident resolution, and stronger security.

In this webinar, we will cover the new ways we are helping our customers reveal the shape and context of their digital enterprise by demonstrating:
• Live activity maps that allow for unprecedented visual environment exploration
• Automated anomaly workflows—including new security anomalies
• Scheduled reports that share real-time views of the information that matters most to each user

Many teams throughout the enterprise—security, network, IT operations—lack the insights needed to make confident, data-driven decisions. People cannot access the data they need quickly, resulting in waste, slow response times, and expensive incidents.

With the announcement of version 7.0, ExtraHop provides real-time and empirical data all teams can benefit from through complete visibility, faster incident resolution, and stronger security.

In this webinar, we will cover the new ways we are helping our customers reveal the shape and context of their digital enterprise by demonstrating:
• Live activity maps that allow for unprecedented visual environment exploration
• Automated anomaly workflows—including new security anomalies
• Scheduled reports that share real-time views of the information that matters most to each user

Many organisations are looking for assistance to troubleshoot and tune their growing desktop and application virtualisation deployments.

Join this webinar to discover how you can track five key metrics that characterize the performance of your Citrix environment. We call these metrics “The Five Ls”: Launches, Logon Time, Load Times, Latency, ChanneLs.

ExtraHop and Phoenix Datacom will talk through real life examples of how the ExtraHop platform provides visualisations for these metrics as well as the details needed to dig deeper into the root cause making Citrix performance issues a thing of the past.

Over the next several years, ESG sees organizations adopting a security operations and analytics platform architecture (SOAPA) that ties together best-of-breed cybersecurity tools. Wire data—full L2-L7 analytics—from network security analytics platforms will play a key role in these SOAPA portfolios because of its real-time nature and because every threat must necessarily traverse the network. This webinar will explain the SOAPA approach and how wire data fits, and will include use cases for integration and orchestration of wire data with other security tools such as SIEM platforms.

IT environments are becoming larger and more complex through organic growth as well as acquisition. Accompanying initiatives—like datacenter migrations, for example—are expensive. Done well, these moves cost $1,200 to $6,000 per server. But when things go wrong? A poorly optimized load balancer could mean downtime for critical application servers – a price that could skyrocket to more than $25,000 per server.

What if IT teams could be guided through the process? What if they had a way to map the plan and troubleshoot issues before they became outages?

In this webinar, we'll share a story from an ExtraHop customer who underwent a large datacenter migration after it acquired a new business. Not only did their IT team undergo a successful migration, they also decreased troubleshooting time and cost to the company by 85 percent – freeing them to move beyond reactive firefighting to proactive solution building for the business.

Network engineers and system administrators can spend a great deal of time responding to user complaints and troubleshooting slow performance issues that are difficult to diagnose or replicate. Resolving those issues can be especially problematic if those applications are provided by a third-party vendor or hosted by third parties, such as SaaS EMR applications, claims processing applications, and practice management applications. Often, IT teams do not have enough visibility to determine root causes or to counter claims from third-party vendors and managed service providers that host applications. With real-time insight into end-user experience for these hosted applications, including application-level transaction details, IT teams can hold vendors accountable and identify root causes faster.

Learn how ExtraHop helps you identify the root cause of your IT problems, avoiding unnecessary friction among your IT teams and ransomware by providing full, real-time visibility into which devices are accessing network share and what type of behavior they are exhibiting, backed by machine learning for immediate anomaly detection.

As May's WannaCry attacks made devastatingly clear, ransomware isn't going anywhere—and focusing on intrusion prevention and detection won't keep your network safe. Once an attacker makes it around your defenses and into your system, they linger for 200 days on average, representing a serious threat to sensitive data, brand reputation and most importantly patient safety. While many healthcare organizations have invested heavily in monitoring north-south traffic, they have limited visibility for east-west traffic. Many security tools also rely on known malware signatures, making it all too easy for an attacker to slip past defenses with a new strain of ransomware.

Learn how ExtraHop helps you identify ransomware by providing full, real-time visibility into which devices are accessing network share and what type of behavior they are exhibiting, backed by machine learning for immediate anomaly detection.

ExtraHop is the leader in real-time IT analytics. Our platform makes data-driven IT a reality, applying advanced analytics and cloud-based machine learning to all digital interactions to deliver timely and accurate insight. IT leaders turn to ExtraHop first to help them make faster, better-informed decisions that improve performance, security, and digital experience. Just ask the hundreds of global ExtraHop customers, including Sony, Lockheed Martin, Microsoft, Adobe, and Google.